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Computer Crime Section 


Re: Data Breach Notification 

Samuel E. Fishel, Section Chief, Computer Crime Section 


Dear Mr. Fishel: 


I serve as the Chief Operating Officer of Cipriani & Werner, P.C (“C&W”). 

In accordance with Section 18.2-186.6. of the Code of Virginia, C&W submits this letter 
as notification of an unauthorized access to personal information of some employees. Although 
we are not yet certain of the origin of the unauthorized access, we believe it may be a software 
vendor. C&W engaged a payroll software company for the processing of employee W2 and 
1095-C Tax Forms. In addition to being mailed in hardcopy to all C&W employees, the payroll 
company also made those forms available online via employee specific portals. On or around 
March 30, 2016, C&W became aware that certain employees were notified by the IRS that tax 
returns had already been filed in their names. We determined that certain online C&W employee 
portals were compromised and, as a result, personal tax information of approximately one (1) 
Virginia resident may have been exposed to others. 

The online C&W employee portals were taken offline the same day C&W became aware 
of the fraudulent attempts to access those portals. C&W has obtained IP addresses that 
attempted access and is currently working with cybersecurity experts, state and federal agencies, 
and other professionals. C&W is notifying affected individuals in writing, and a copy of the 
formatted letter is attached. As the letter indicates, C&W will be offering credit monitoring 
service for two years at C&W’s expense. 

Please contact me should you have any questions. 

yours. 


A. KINCAID, JR. 
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[Date] 

[Recipient's Name] 
[Address] 

[City, State, Zip] 


Re: Important Security and Protection Notification 

Please read this entire letter 

Dear [resident's name]: 

We are contacting you regarding a data security incident that occurred sometime before March 28, 
2016. As you may be aware, Cipriani & Werner, P.C. engaged a payroll software company for the 
processing of employee W2 and 1095-C Tax Forms. In addition to being mailed in hardcopy to all C&W 
employees, the payroll company also made those forms available online via employee specific portals. 
On or around March 30, 2016, C&W became aware that certain employees were notified by the IRS that 
tax returns had already been filed in their names. We determined that certain online C&W employee 
portals were compromised and, as a result, your personal tax information may have been exposed to 
others. 

What we are doing to protect your information: 

Please be assured that we have taken every step necessary to address the incident, and that we are 
committed to fully protecting all of the information that you have entrusted to us. The online C&W 
employee portals were taken offline the same day C&W became aware of the fraudulent attempts to 
access certain employee accounts. In addition, C&W has obtained IP addresses that attempted access 
to the online C&W employee portals, and is currently working with cybersecurity experts, state and 
federal regulatory agencies, and other professionals to ensure the continued security of your 


information. 


In addition, and to help protect your identity, we are offering a complimentary two-year membership of 
Experian's ProtectMylD Elite. This product helps detect possible misuse of your personal information 
and provides you with superior identity protection support focused on immediate identification and 
resolution of identity theft. 
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Activate ProtectMylD Now in Three Easy Steps 


1. ENSURE That You Enroll By: [date] (Your code will not work after this date) 

2. VISIT the ProtectMylD Web Site to enroll: www.protectmyid.com/enroll 

3. PROVIDE Your Activation Code: [code] 

If you have questions or need an alternative to enrolling online, please call 877-441-6943 and provide 
engagement #: [engagement number] 

ADDITIONAL DETAILS REGARDING YOUR 24-MONTH PROTECTMYID MEMBERSHIP: 

A credit card is not required for enrollment. 

Once your ProtectMylD membership is activated, you will receive the following features: 

• Free copy of your Experian credit report 

• Surveillance Alerts for: 

o Daily 3 Bureau Credit Monitoring: Alerts of key changes & suspicious activity found on 
your Experian, Equifax, and TransUnion credit reports, 
o Internet Scan: Alerts if your personal information is located on sites where 
compromised data is found, traded or sold, 
o Change of Address: Alerts of any changes in your mailing address. 

• Identity Theft Resolution & ProtectMylD ExtendCARE: Toll-free access to US-based customer 
care and a dedicated Identity Theft Resolution agent who will walk you through the process of 
fraud resolution from start to finish for seamless service. They will investigate each incident; 
help with contacting credit grantors to dispute charges and close account including credit, debit 
and medical insurance cards; assist with freezing credit files; contact government agerncies. 

o It is recognized that identity theft can happen months and even years after a data 
breach. To offer added, protection you will receive ExtendCARE, which provides you 
with the same high-level of Fraud Resolution support even after your ProtectMylD 
membership has expired. 

• $1 Million Identity Theft Insurance*: Immediately covers certain costs including, lost wages, 
private investigator fees, and unauthorized electronic fund transfers. 

• Lost Wallet Protection: If you misplace or have your wallet stolen, an agent will help you cancel 
your credit, debit, and medical insurance cards. 

Once your enrollment in ProtectMylD is complete, you should carefully review your credit report for 
inaccurate or suspicious items. If you have any questions about ProtectMylD, need help understanding 
something on your credit report or suspect that an item on your credit report may be fraudulent, please 
contact Experian's customer care team at 877-441-6943. 

What you can do to protect your information 

There are additional actions you can consider taking to reduce the chances of identity theft or fraud on 
your account(s). Please refer to the final three pages of this letter for further information. 


* Identity theft insurance is underwritten by insurance company subsidiaries or affiliates of American International 
Group, Inc. (AIG). The description herein is a summary and intended for informational purposes only and does not 
include all terms, conditions, and exclusions of the policies described. Please refer to the actual policies for terms, 
conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions. 



We sincerely apologize for this incident, regret any inconvenience it may cause you and encourage you 
to take advantage of the product outlined herein. Should you have any questions or concerns regarding 
this matter and/or the protections available to you, please do not hesitate to contact us at [insert 
contact info]. 


Very truly yours, 


JOHN A. KINCAID, JR. 



ADDITIONAL ACTIONS TO HELP REDUCE YOUR CHANCES OF IDENTITY 

THEFT 


^ PLACE A 90-DAY FRAUD ALERT ON YOUR CREDIT FILE 

An initial 90 day security alert indicates to anyone requesting your credit file that you 
suspect you are a victim of fraud. When you or someone else attempts to open a credit 
account in your name, increase the credit limit on an existing account, or obtain a new 
card on an existing account, the lender should take steps to verify that you have 
authorized the request. If the creditor cannot verify this, the request should not be 
satisfied. You may contact one of the credit reporting companies below for assistance. 

Equifax Experian TransUnion 

1-800-525-6285 1-888-397-3742 1-800- 

680-7289 

www.equifax.comwww.experian.comwww.transunion.com 

> PLACE A SECURITY FREEZE ON YOUR CREDIT FILE 

If you are very concerned about becoming a victim of fraud or identity theft, a security 
freeze might be right to you. Placing a freeze on your credit report will prevent lenders 
and others from accessing your credit report in connection with new credit application, 
which will prevent them from extending credit. A security freeze generally does not 
apply to circumstances in which you have an existing account relationship and a copy of 
your report is request by your existing creditor or its agents or affiliates for certain types 
of account review, collection, fraud control or similar activities. With a Security Freeze 
in place, you will be required to take special steps when you wish to apply for any type of 
credit. This process is also completed through each of the credit reporting agencies. 

^ ORDER YOUR FREE ANNUAL CREDIT REPORTS 

Visit www.annualcreditreport.com or call 877-322-8228. 

Once you receive your credit reports, review them for discrepancies. Identify any 
accounts you did not open or inquiries from creditors that you did not authorize. Verify 
all information is correct. If you have questions or notice incorrect information, contact 
the credit reporting company. 

> MANAGE YOUR PERSONAL INFORMATION 

Take steps such as: carrying only essential documents with you; being aware of whom 
you are sharing your personal information with and shredding receipts, statements, and 
other sensitive information. Remain vigilant by reviewing account statements and 
monitoring credit reports. 

> USE TOOLS FROM CREDIT PROVIDERS 

Carefully review your credit reports and bank, credit card and other account statements. 
Be proactive and create alerts on credit cards and bank accounts to notify you of activity. 
If you discovery unauthorized or suspicious activity on your credit report or by any other 
means, file an identity theft report with your local police and contact a credit reporting 
company. 






BE AWARE OF SUSPICIOUS ACTIVITY INVOLVING YOUR HEALTH 
INSURANCE 

Contact your healthcare provider if bills do not arrive when expected, and review your 
Explanation of Benefit forms to check for irregularities or suspicious activity. You can 
also contact your health insurance company to notify them of possible medical identity 
theft or ask for a new account number. 

OBTAIN MORE INFORMATION ABOUT IDENTITY THEFT AND WAYS TO 
PROTECT YOURSELF 

• Visit http://www.experian.com/credit-adviceftopic-fraud-and-identity-theft.html 
for general information regarding protecting your identity. 

e The Federal Trade Commission has an identity theft hotline: 877-438-4338; 
TTY: 1-866-653-4261. 

They also provide information on-line at www.ftc.gov/idtheft . 

• Individuals can obtain information about steps to avoid Identity Theft from any of 
the above credit reporting agencies, the FTC or their respective state’s Attorney 
General’s office: 

■ Residents of Pennsylvania may contact the Attorney General at: 

Pennsylvania Office of Attorney General 
16 th Floor, Strawberry Square 
Harrisburg, PA 17120 
(717) 787-3391 
800-441-2555 

https://www.attorneygeneral.gov/Home/ 

■ Residents of Maryland may contact the Attorney General at: 

Office of the Attorney General 
200 St. Paul Place 
Baltimore, MD 21202 
(410)576-6300 
1-888-743-0023 

https://www.oag.state.md.us/index.htm 

■ Residents of New Jersey may contact the Attorney General at: 

Office of the Attorney General 
RJ Hughes Justice Complex 
25 Market Street, Box 080 
Trenton, NJU 08625-0080 
(609) 292-4925 
973-504-6588 
http://ni.gov/oag/ 







Residents of West Virginia may contact the Attorney General at: 
Office of the Attorney General 
State Capitol Complex 
Bldg. 1 Room E-26 
Charleston, WV 25305 
(304) 558-2021 
1-800-368-8808 

http://www.ago.wv.gov/Pages/default.aspx 

Residents of Virginia may contact the Attorney General at: 

Office of the Attorney General 
900 East Main Street 
Richmond, VA 23219 
(804) 786-2071 
http://ag.virginia.gov/ 

Residents of Ohio may contact the Attorney General at: 

The Office of the Attorney General 
30 E. Broad St., 14 th Floor 
Columbus, OH 43215 
(614) 466-4986 
800-282-0515 

http://www.ohioattomeygeiieral.gov/ 

Residents of Florida may contact the Attorney General at: 

Office of Attorney General 
The Capitol PL-01 
Tallahassee, FL 32399-1050 
1-866-966-7226 

http://www.myfloridalegal.com/ 

Residents of Delaware may contact the Attorney General at: 
Delaware Department of Justice 
Carvel State Building 
820 N. French St. 

Wilmington, DE 19801 
(302) 577-8400 

http://attomeygeneral.delaware.gov/ 

Residents of Washington D.C. may contact the Attorney General at: 
Office of the Attorney General 
441 4 th Street, NW 
Washington, DC 20001 
(202) 347-8922 








